You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jspwiki.apache.org by "Miguel Moquillon (JIRA)" <ji...@apache.org> on 2018/06/04 15:28:00 UTC

[jira] [Created] (JSPWIKI-1071) Ajax request header 'Connection' forbidden since 2015

Miguel Moquillon created JSPWIKI-1071:
-----------------------------------------

             Summary: Ajax request header 'Connection' forbidden since 2015
                 Key: JSPWIKI-1071
                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1071
             Project: JSPWiki
          Issue Type: Bug
          Components: Templates and UI
    Affects Versions: 2.10.4
            Reporter: Miguel Moquillon


Since 2015, for security reason, it is no more accepted for Ajax request to set the Connection HTTP header.

Unfortunately, the Ajax in JSPWiki uses this deprecated and forbidden feature :( 
For example, in the on-fly preview  of a page edition. So any Ajax requests from JSPs are blocked by the current web browser.

This affect all versions



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)